API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 27th, 2017
83
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 1.96 KB | None | 0 0
raw download clone embed print report
  1.  
  2. <?php
  3.  
  4.  
  5. /**
  6.  * @return void
  7.  */
  8. function connect () {
  9.     $con = mysql_connect('localhost', 'rhizon', 'Aspire1992') or exit(mysql_error());
  10.     mysql_select_db('rhizon', $con) or exit(mysql_error());
  11. }
  12.  
  13.  
  14. /**
  15.  * @param string $name
  16.  * @param string $pass
  17.  * @return boolean
  18.  */
  19. function check_user ( $name, $pass ) {
  20.     // magic quotes anpassen
  21.     if ( get_magic_quotes_gpc() ) {
  22.         $name = stripslashes($name);
  23.         $pass = stripslashes($pass);
  24.     }
  25.     // escapen von \x00, \n, \r, \, ', " und \x1a
  26.     $name = mysql_real_escape_string($name);
  27.     // escapen von % und _
  28.     $name = str_replace('%', '\%', $name);
  29.     $name = str_replace('_', '\_', $name);
  30.  
  31.     $sql = 'SELECT id FROM accounts WHERE loginname = \'' . $name . '\' AND pass=\'' . md5($pass) . '\'';
  32.     if ( !$result = mysql_query($sql) ) {
  33.         exit(mysql_error());
  34.     }
  35.     if ( mysql_num_rows($result) == 1 ) {
  36.         $user = mysql_fetch_assoc($result);
  37.         return ( $user['id'] );
  38.     } else {
  39.         return ( false );
  40.     }
  41. }
  42.  
  43.  
  44. /**
  45.  * @param int $userid
  46.  * @return void
  47.  */
  48. function login ( $userid ) {
  49.     $sql = 'UPDATE accounts SET session = \'' . session_id() . '\' WHERE id = ' . ((int)$userid);
  50.     if ( !mysql_query($sql) ) {
  51.         exit(mysql_error());
  52.     }
  53. }
  54.  
  55.  
  56. /**
  57.  * @return boolean
  58.  */
  59. function logged_in () {
  60.     $sql = 'SELECT id FROM accounts WHERE session = \'' . session_id() . '\'';
  61.     if ( !$result = mysql_query($sql) ) {
  62.         exit(mysql_error());
  63.     }
  64.     return (mysql_num_rows($result) == 1);
  65. }
  66.  
  67. /**
  68.  * @return void
  69.  */
  70. function logout () {
  71.     $sql = 'UPDATE accounts SET session = NULL WHERE session = \'' . session_id() . '\'';
  72.     if ( mysql_query($sql) ) {
  73.         exit(mysql_error());
  74.     }
  75. }
  76.  
  77. function username () {
  78.     $sql = 'SELECT loginname FROM accounts WHERE session = \'' . session_id() . '\'';
  79.     $ergebnis = mysql_fetch_array($sql);
  80.     return $ergebnis['loginname'];
  81. }
  82. connect();
  83.  
  84. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!